This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to thefollowing package versions:

Ubuntu 5.04: mutt 1.5.6-20040907+2ubuntu0.1

Ubuntu 5.10: mutt 1.5.9-2ubuntu1.1

Ubuntu 6.06 LTS: mutt 1.5.11-3ubuntu2.1

After a standard system upgrade you need to restart mutt to effect thenecessary changes.

Details follow:

TAKAHASHI Tamotsu discovered that mutt's IMAP backend did notsufficiently check the validity of namespace strings. If an userconnects to a malicious IMAP server, that server could exploit this tocrash mutt or even execute arbitrary code with the privileges of themutt user.